96f7fb41cedd8ee2739d539522bf8409f6b9c953cd837c2d60b802c7e0773d83

Sharing

Copy URL Twitter E-mail

General

Target

96f7fb41cedd8ee2739d539522bf8409f6b9c953cd837c2d60b802c7e0773d83
Size

508KB
MD5

54f3e6cc959d93e408e43a9962acffe0
SHA1

95b2d10af2cfdbe55afa55878380548dab506e7d
SHA256

96f7fb41cedd8ee2739d539522bf8409f6b9c953cd837c2d60b802c7e0773d83
SHA512

e224c909f098b16c5ee88b3dcdf5bc432a912797fd92e1d6c6549578310f53b21d39b9133ceac02cab87979aaa06b387fd62bbefe7484737d964a3c4a9b92d49
SSDEEP

12288:uf6cpHj06Sbf3gITshAOwqMWJxTJrp3pkWJtbZU8JFtrymB:a6i06Sj3gITKAHqMWJdFp3SKtb/JFwE

Score

N/A

Malware Config

Signatures

Files

96f7fb41cedd8ee2739d539522bf8409f6b9c953cd837c2d60b802c7e0773d83
.exe windows x86

233e42d2d9eb9973d1b83c5b8a24df8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

dbghelp

SymSetOptions
SymInitialize
SymLoadModule
SymGetModuleInfoW
SymCleanup

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA

psapi

GetModuleFileNameExA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

kernel32

HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
CreateThread
CloseHandle
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetModuleHandleW
GetTickCount
SetCurrentDirectoryW
TerminateProcess
SetEvent
VirtualQueryEx
CreateProcessW
CreateFileA
FreeLibrary
WaitForSingleObject
OpenThread
ReadProcessMemory
WriteProcessMemory
lstrlenW
OpenProcess
lstrcatW
DeleteFileW
CopyFileW
LoadLibraryW
FindFirstFileW
FindNextFileW
FindClose
GetExitCodeProcess
lstrcpyW
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetModuleFileNameW
ResumeThread
GetLastError
FreeResource
CreateEventW
CreateFileW
WriteFile
Sleep
DeleteCriticalSection
InterlockedCompareExchange
GetTempPathW
CreateDirectoryW
GetPrivateProfileSectionW
GetVersionExW
ReadFile
SetFilePointer
GetProcAddress
GetFileSize
GetThreadSelectorEntry
GetFileAttributesW
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
SetFileAttributesW
VirtualQuery
MoveFileW
InitializeCriticalSection
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetProcessTimes
GetCurrentProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetStartupInfoW
RaiseException

user32

CreateWindowExW
RegisterClassExW
GetClassInfoExW
DefWindowProcW
IsWindow
DestroyMenu
TrackPopupMenu
GetWindowThreadProcessId
GetMenuItemCount
CreatePopupMenu
GetDC
ReleaseDC
EnableWindow
SendDlgItemMessageW
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyWindow
OpenClipboard
RegisterClipboardFormatW
InvalidateRect
MapDialogRect
GetWindowRect
MapWindowPoints
GetKeyState
SetWindowLongW
ClientToScreen
KillTimer
SetDlgItemTextW
GetWindowTextW
GetWindowTextLengthW
GetWindow
MessageBoxW
SetTimer
GetDesktopWindow
SetWindowPos
SetWindowTextW
SendMessageW
LoadIconW
PostMessageW
DialogBoxParamW
DrawIconEx
EndDialog
GetClientRect
GetDlgItem
ShowWindow
LoadImageW
UnregisterClassA
CallWindowProcW

gdi32

DeleteObject
GetStockObject
SetTextColor

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW

shell32

SHBindToParent
SHGetDesktopFolder
ord155
SHGetFileInfoW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysStringLen
SysFreeString

gdiplus

GdiplusShutdown
GdipCloneImage
GdipImageSelectActiveFrame
GdipGetImageHeight
GdiplusStartup
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateFromHDC
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipFree
GdipGetImageWidth
GdipAlloc

shlwapi

PathFileExistsW

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

msvcr80

malloc
vsprintf_s
??2@YAPAXI@Z
_vscprintf
swscanf
wcsncmp
_time32
_CxxThrowException
_snwprintf
_snprintf
_wcsicmp
iswspace
strtoul
fprintf
_wfopen
fseek
ftell
_mbslwr_s
__wargv
_mbsstr
__argc
_invalid_parameter_noinfo
free
?what@exception@std@@UBEPBDXZ
fwrite
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
wcsrchr
_mbscmp
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_wcslwr_s
??_V@YAXPAX@Z
fclose
wcsstr
_beginthreadex
strncmp
strchr
strrchr
atoi
isspace
wcscpy_s
fread
wcscat_s
_gmtime32
iswdigit
iswalpha
iswalnum
_time64
_vsnprintf_s
isalpha
isalnum
tolower
wcsncpy
_wtoi
memset
memcpy
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
memmove
??3@YAXPAX@Z
memcpy_s
memmove_s
_purecall
_vscwprintf
vswprintf_s
srand
_lock

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

crypt32

CertGetNameStringW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

233e42d2d9eb9973d1b83c5b8a24df8f

Headers

File Characteristics

Imports

version

dbghelp

wininet

psapi

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

gdiplus

shlwapi

msvcp80

msvcr80

wtsapi32

crypt32

wintrust

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 60KB - Virtual size: 58KB

� Size: 240KB - Virtual size: 240KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 60KB - Virtual size: 58KB

�
Size: 240KB - Virtual size: 240KB